Before applying and verifying digital signatures (hereafter, signatures) and timestamps, please review the overview of the features and the necessary preparations.
To apply and verify digital signatures, you need to prepare the following in advance.
You need a “certificate that can prove the identity of the signer to the signature verifier” to apply a digital signature.
Before using the signature function, please obtain one of the following digital certificates in advance:
The obtained digital certificate can be used as the following types.
File | Certificate file (*.p12 / *.pfx) |
---|---|
Certificate Store/IC Card | Certificate already imported into the machine being used.
|
JPKI | Digital certificate (Japanese Public Key Infrastructure) stored in the My Number card.
|
When Using a Self-Signed Certificate
A self-signed certificate is a certificate that the signer themselves creates and issues.
In this product, you can create it from [New] in the certificate selection screen when applying a signature using the PKCS#7 profile without a timestamp.
The created self-signed certificate can be used for signatures without verification information and timestamps, regardless of the profile settings.
However, to verify a signature using a self-signed certificate, the same self-signed certificate must be installed in the “Trusted Root Certification Authorities” store of the machine performing the verification.
Also, since a self-signed certificate is not issued by a trusted third-party authority, you cannot obtain verification information over the Internet.
Therefore, it is not recommended to use it for signatures on documents that are expected to be verified by others or documents that need to be stored for a long time.
You need the root CA certificate and intermediate CA certificate according to the certificate specified at the time of application to apply and verify the signature.
If it is a certificate approved by Microsoft’s Root Certificate Update Program, it will be installed automatically in the background.
However, it will not be installed automatically in the following cases:
If it is not installed automatically, please confirm and obtain the appropriate certificate, and install it manually according to the following procedure.
When Using an Official Certificate / Duty Certificate
The certificates required to verify signatures using an official certificate or duty certificate can be downloaded and installed from [GPKI Preference] in the [Signature/Seal] menu.
Open the [Signature] tab and the [Signature Text] tab of the Preferences, and make the appropriate settings for applying and verifying signatures.
To apply and verify timestamps, you need to prepare the following in advance.
Please note that the application and verification of timestamps can only be done in an online environment.
You need a license for the timestamp service to apply a timestamp. It is not necessary if you are only verifying.
In this product, you can use two types of timestamp services.
If you do not have a license, please apply and purchase the service you want to use.
AMANO TimeStamp | AMANO Time Stamp Service 3161 Timestamp of AMANO Secure Japan Corporation ![]()
|
---|---|
SEIKO TimeStamp | SEIKO Time Stamp Service Timestamp of SEIKO Solutions Corporation ![]()
|
You need the root CA certificate and intermediate CA certificate according to the timestamp to apply and verify the timestamp.
If it is a certificate approved by Microsoft’s Root Certificate Update Program, it will be installed automatically in the background.However, it will not be installed automatically in the following cases:
If it is not installed automatically, please confirm and obtain the appropriate certificate, and install it manually according to the following procedure.
When applying a timestamp, open the [AMANO Timestamp] tab or the [SEIKO Timestamp] tab in the Preferences, and make the appropriate settings according to the timestamp service you are using.